Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP2:Update
patchinfo.19882
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.19882
<patchinfo incident="19882"> <issue tracker="cve" id="2019-20387"/> <issue tracker="cve" id="2021-3200"/> <issue tracker="bnc" id="1161510">VUL-1: CVE-2019-20387: libsolv: heap-based buffer over-read via a last schema whose length is less than the length of the input schema</issue> <issue tracker="bnc" id="1186229">VUL-0: CVE-2021-3200: libsolv: buffer overflow via the Solver * testcase_read()</issue> <issue tracker="jsc" id="SLE-17973"/> <packager>mlandres</packager> <rating>moderate</rating> <category>security</category> <summary>Security update for libsolv</summary> <zypp_restart_needed/> <description>This update for libsolv fixes the following issues: Security issues fixed: - CVE-2019-20387: Fixed heap-buffer-overflow in repodata_schema2id (bsc#1161510) - CVE-2021-3200: testcase_read: error out if repos are added or the system is changed too late (bsc#1186229) Other issues fixed: - backport support for blacklisted packages to support ptf packages and retracted patches - fix ruleinfo of complex dependencies returning the wrong origin - fix SOLVER_FLAG_FOCUS_BEST updateing packages without reason - fix add_complex_recommends() selecting conflicted packages in rare cases - fix potential segfault in resolve_jobrules - fix solv_zchunk decoding error if large chunks are used </description> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor